| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <87ip4t598t.fsf@xmission.com>
Date: Fri, 15 Mar 2013 01:59:30 -0700
From: ebiederm@...ssion.com (Eric W. Biederman)
To: Thomas Martitz <thomas.martitz@....fraunhofer.de>
Cc: richard -rw- weinberger <richard.weinberger@...il.com>,
"netdev\@vger.kernel.org" <netdev@...r.kernel.org>,
"davem\@davemloft.net" <davem@...emloft.net>,
"edumazet\@google.com" <edumazet@...gle.com>,
"herbert\@gondor.apana.org.au" <herbert@...dor.apana.org.au>
Subject: Re: Trying to implement secondary loopback
Thomas Martitz <thomas.martitz@....fraunhofer.de> writes:
> Am 13.03.2013 22:21, schrieb Eric W. Biederman:
>> "Martitz, Thomas" <thomas.martitz@....fraunhofer.de> writes:
>>
>>>> Von: Eric W. Biederman [ebiederm@...ssion.com]
>>>>
>>>> The easy solution is to setup two network namespaces and two nics.
>>>> And transmit data from one network namespace to another, through your
>>>> nics.
>>
>>>
>>> That sounds a lot more involed than using loopback to send data back
>>> to the same process. And I guess just calling netif_rx() in the xmit()
>>> function wouldn't be sufficient either? Also I wouldn't know how to do
>>> that as I'm not yet very familiar with network namespaces (but that
>>> can clearly get fixed).
>>
>> It may sound involved but it is just a few lines of code to set up.
>>
>> ip netns add ns1
>> ip netns add ns2
>> ip link set nic1 netns ns1
>> ip link set nic2 netns ns2
>>
>> int main(int argc, char **argv)
>> {
>> int netfd1, netfd2;
>> int sk1, sk2;
>> netfd1 = open(/var/run/netns/nic1);
>> netfd2 = open(/var/run/netns/nic2);
>>
>> setns(netfd1, 0);
>> sk1 = socket(...);
>>
>> setns(netfd2, 0);
>> sk2 = socket(...);
>>
>> /* test test test */
>> }
>>
>> And what is partidcularly interesting is that all of this works with
>> your drivers normal code paths without any kernel hacks.
>>
>> Eric
>>
>
>
> I have trouble understanding this approach. Does it mean that I have
> to expose two interfaces from my kernel module. I.e. call
> register_netdev() twice?
The suggestion was to have one driver, driving two identical nics
plugged into the same machine with a cable between them. That creates no
special cases on your side for testing.
Shrug. It is your driver, and your hardware, feel free to
develop however you want.
> Or use a "struct pernet_operations" to create
> a netdev on a per-namespace basis.
> If I do either of the above I end up with two "struct netdev" and two
> MAC addresses, which I don't really want. Also I would need to
> transfer from one netdev to the other in the driver's ndo_start_xmit()
> method instead of simply calling netif_rx().
>
> Perhaps I'm misunderstanding, I'm s
>
> During my development, looping back the data in ndo_start_xmit() is
> only a first step. The next step is to pass the data via PCIe and
> getting the same data back later. This is why I want to keep the
> loopback as simple/straightforward as possible.
I guess the question is why do you want to loopback the data?
For testing your NIC driver? Or are you trying some strange scheme
where you try and offload processing between sockets on the same machine?
Eric
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists